Sign in to follow this  
Followers 0
robert4

False Positive?

7 posts in this topic

I received a backdoor.bot warning on unlite3.exe, but no other scan finds it. I have used Windows Defender, Spybot Search and Destroy, Avira, and Kaspersky's online scanner. Could you please tell me if it is a false positive?

Thanks,

robert

Malwarebytes' Anti-Malware 1.41

Database version: 3037

Windows 5.1.2600 Service Pack 3

10/27/2009 1:40:07 AM

mbam-log-2009-10-27 (01-39-57).txt

Scan type: Quick Scan

Objects scanned: 125320

Time elapsed: 4 minute(s), 52 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\unlite3.exe (Backdoor.Bot) -> No action taken. [5253514247405230356668766980808315358085130117130121372234221717171719171717171

71717211717173917173939393917171717352517171717171717171717171717172117171718341

7

17171717171717171717171717171717171717171717171717171717171717171717171717171717

1

71717171717171717171717171717171717171717171717171717171817171717353418171717173

8

18393521172636371918352517182136363719182617261722212325232624201917241724192339

2

32424192318233719172337242224202421191723192322191724192422233819172422233823212

3

22241919172224232623382020201917371734192120241717171717171717171717171717171717

1

71717171717171717171717171717171717171717171717171717171717171717171717171717171

7

17171717171717171717171717171717171717171717171717171717171717171717171717171717

1

71717171717171717171717171717171717171717171717171717171717171717171717171717171

7

17171717171717171717171717171717171717171717171717171717171717171717171717171717

1

71717171717171717171717171717171717171717171717171717171717171717171717171717171

7

17171717171717171717171717171717171717171717171717171717171717171717171717171717

1

71717171717171717171717221721221717171721361718172517171826223821191934171717171

7

17171717171717171717173817171725382518173517181719182617173232323217171717323217

1

71717171717171717171732323232323217171717181717171717171732323232171717171717323

2

32321717181717171717171717191717171717181717171717171717171717171717172117171717

1

71717171717171717171717323232321717171717211717171717171717171717171719171717171

7

17171717173232171717172117171717171717171718171717171718171717171717171717171717

1

71817171717171717171717171717171717171717171717171717323232321717323232321717171

7

17173232323217171717323217171717171717171717171717171717171717171717171717171717

1

71717171717171717173232323217173232323217171717171717171717171717171717171717171

7

17171717171717171717171717171717171717171717171717171717171717171732323232171718

2

51717171717171717171717171717171717171717171717171717171717171717171717171717171

7

17171717171717171717171717171717171717171717171717171717171717171717171717171717

1

71717171717171717171717171717171717171717172120213921212122171717171717171732323

2

32323217171717181717171717171732323232171717171721171717171717171717171717171717

1

71717171717171717171717171917171717172317212121182221211817171717171717173232323

2

17171717171732323232171717173232171717171717323232321717171717171717171717171717

1

71717171717171717171717211717171717361721192220222017171717171717171717323232321

7

17171717173232323217171717171717171717171732323232171717171717171717171717171717

1

71717171717171717171717171717171736171938232623212318242123181717171732323232171

7

17171717323232321717171732321717171717173232323217171717171717171717171717171717

1

71717171717171717172117171717173617193824212336242017171717171717173232171717171

7

17171732323232171717171717171717171717323232321717171717171717171717171717171717

1

71717171717171717171717171717361719382419232123182421231817171717182517171717171

7

17173232323217171717171917171717171732323232171717171717171717171717171717171717

1

71717171717171721171717171722171938241923222336233923201717171732323232171717171

7

17323232321717171732321717171717173232323217171717171717171717171717171717171717

1

71717171717172117171717172217193824192420241923201717171717171717323217171717171

7

32323232171717173232171717171717323232321717171717171717171717171717171717171717

1

71717171717211717171717221717171717171717171717171717171717171717171717171717173

2

32323217171717171717171717171732323232171717171717171717171717171717171717171717

1

71717171721171717171722171717171717171717171717171717171717171717171717171717171

7

17171717171717171717171717171717171717171717171717171717171717171717171717171717

1

71717171717171717171717171717171717171717171717171717171717171717171717171717171

7

17171717171717171717171717171717171717171717171717171717171717171717171717171717

1

71717171717171717171717171717171717171717171717171717171717171717171717171717171

7

17171717171717171717171717171717171717171717171717171717171717171717171717171717

1

71717171717171717171717171717171717171717171717171717171717171717171717171717171

7

17171717171717171717171717171717171717171717171717171717171717171717171717171717

1

717171717171717171721181732323232173417232220242124192326233823242225]

Share this post


Link to post
Share on other sites

Please zip and attach a copy of WINDOWS\unlite3.exe to your next post .

Share this post


Link to post
Share on other sites

Same for me. Of course MB removed the file. Here's the quarantined file (zipped) if that helps.

Seems like this is the file for the day...

Fred

QUAR1.zip

Share this post


Link to post
Share on other sites

It does not , restore from quarantine and then send the file .

Share this post


Link to post
Share on other sites
Please zip and attach a copy of WINDOWS\unlite3.exe to your next post .

Thank you very much, hopefully it is a false positive. I have attached the file.

robert

unlite3.zip

Share this post


Link to post
Share on other sites

Hi Nosirrah, I think I am late (waiting for a dev log).

Malwarebytes' Anti-Malware 1.41

Version de la base de donn

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.